Module Name:    src
Committed By:   martin
Date:           Thu Jul 13 09:45:08 UTC 2017

Modified Files:
        src/doc [netbsd-6-1]: CHANGES-6.1.6

Log Message:
Ticket #1461


To generate a diff of this commit:
cvs rdiff -u -r1.1.2.96 -r1.1.2.97 src/doc/CHANGES-6.1.6

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/CHANGES-6.1.6
diff -u src/doc/CHANGES-6.1.6:1.1.2.96 src/doc/CHANGES-6.1.6:1.1.2.97
--- src/doc/CHANGES-6.1.6:1.1.2.96	Tue Jul 11 21:29:14 2017
+++ src/doc/CHANGES-6.1.6	Thu Jul 13 09:45:08 2017
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.1.6,v 1.1.2.96 2017/07/11 21:29:14 snj Exp $
+# $NetBSD: CHANGES-6.1.6,v 1.1.2.97 2017/07/13 09:45:08 martin Exp $
 
 A complete list of changes from the NetBSD 6.1.5 release to the NetBSD 6.1.6
 release:
@@ -11970,3 +11970,14 @@ xsrc/xfree/xc/programs/Xserver/Xi/sendex
 	Fix CVE-2017-10971 and CVE-2017-10972.
 	[mrg, ticket #1459]
 
+crypto/external/bsd/heimdal/dist/lib/krb5/ticket.c 1.3-1.4
+
+	In _krb5_extract_ticket() the KDC-REP service name must be
+	obtained from encrypted version stored in 'enc_part' instead
+	of the unencrypted version stored in 'ticket'.
+	Use of the unecrypted version provides an opportunity for
+	successful server impersonation and other attacks.
+
+	Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams.
+	[christos, ticket #1461]
+
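Review bot: "unecrypted" in the added line "Use of the unecrypted version provides an opportunity for" is a typo for "unencrypted" (spelled correctly two lines earlier), and "from encrypted version" should read "from the encrypted version". The preceding entry in the context lines names its CVEs, while this entry cites no identifier; if one has been assigned to the _krb5_extract_ticket() issue, add it so the changelog entry can be matched against advisories.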
